malwarewikiaorg-20200223-history
Windows Defender
Windows Defender, (also known as Microsoft Antispyware and Microsoft Security Essentials) is an antivirus made by Microsoft. It is included with every version of Microsoft Windows after Windows XP, on Windows XP and Windows Server 2003, it has a free download. On May 20th, 2019, it was rebranded to Microsoft Defender. On Windows XP, Vista, and 7, Windows Defender only removes spyware. Features (current version) Windows Defender Security Center was released in the Windows 10 Creators Update, the new version was Metro UI-based. Virus and threat protection In this category, virus protection can be configured here and scans (and database updates) could be run from there. Device performance and health This category describes the health of the computer, such as updates, storage space, drivers, and battery life. Health scans are generally run during complete reboots (eg. restarting or shutting down the computer entirely). This area also allows the user to re-install Windows. Firewall and network protection This category allows the user to configure firewall settings, such as status of Public or Private network, setting which apps can access the internet, and network troubleshooter. App and browser control In this category the user can configure Windows SmartScreen for Microsoft Edge as well as Windows SmartScreen for Windows Store. Windows SmartScreen settings for checking unknown files can also be accessed here. Family options In this category the user can set up parental controls and look at health of other computers connected to their family. Features (older version) Windows Defender features system scan capabilities similar to other free products on the market, and includes a number of real-time security agents that monitor several common areas of Windows for changes which may be caused by spyware. It also includes the ability to easily remove ActiveX applications that are installed. Also integrated is support for Microsoft's SpyNet network that allows users to report to Microsoft what they consider to be spyware, and what applications and device drivers they allow to be installed on their system. There is integration with Internet Explorer which enables files to be scanned when they are downloaded to help ensure that one does not accidentally download malicious software. This implementation is similar to the real-time scanners of many antivirus products on the market. Although not combined with Firefox, Windows Defender still scans downloaded files for malicious code. The Advanced Tools section allows users to discover potential vulnerabilities with a series of Software Explorers. They provide views of startup programs, currently running software, network connected applications, and Winsock providers (Winsock LSPs). In each Explorer, every element is rated as either "Known", "Unknown" or "Potentially Unwanted". The first and last categories carry a link to learn more about the particular item, and the second category invites users to submit the program to SpyNet for analysis by experts. Windows Defender in Windows Vista automatically blocks all startup items that require administrator privileges to run (this is considered suspicious behavior for a startup item). This automatic blocking is related to the UAC (User Account Control) functionality in Windows Vista, and requires users to manually run each of these startup items each time they log in. See Also * Microsoft Security Essentials * Microsoft Antivirus References External links zh:Windows Defender Category:Microsoft Windows Category:Antivirus software Category:Antispyware software